Re: [graylog2] Is there a way to directly generate count chart based on non-numeric values?

2016-05-19 Thread Nuttanart Pornprasitsakul
Hi Drew, That's a neat trick! Thanks for sharing. Maybe changing type to *total* instead of *sum* gives an even more accurate chart? Thanks, On Fri, May 20, 2016 at 9:17 AM Drew Miranda wrote: > Something I've done as a neat work around is run the query to get a normal >

[graylog2] new cluster install failing

2016-05-19 Thread Drew Miranda
Is your mongodb on a different host? You may need to edit the mongodb config. By default it only binds to 127.0.0.1 and isn't reachable from external hosts. -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and

[graylog2] Is there a way to directly generate count chart based on non-numeric values?

2016-05-19 Thread Drew Miranda
Something I've done as a neat workaround is run the query to get a normal histogram, and then show the hidden field timestamp which exists on all messages. I then generate a chart using that field and change type from mean to sum. It will then give you a chart matching the histogram above. You

Re: [graylog2] Re: Is there a way to directly generate count chart based on non-numeric values?

2016-05-19 Thread Nuttanart Pornprasitsakul
Got it. Thanks, Jochen. On Thu, May 19, 2016 at 8:11 PM Jochen Schalanda wrote: > Hi Nuttanart, > > charts from non-numeric values (except "Quick Values") are currently not > supported in Graylog. > > Cheers, > Jochen > > > On Thursday, 19 May 2016 06:44:58 UTC+2, Nuttanart

[graylog2] new cluster install failing

2016-05-19 Thread john tombin
I've installed a new graylog2 cluster with the following components: 3 graylog2 servers, 3 elasticsearch servers, and a mongodb cluster. The mongodb cluster has 2 mongos routers, 3 config servers, and 2 shard servers. When I initially start up graylog everything appears fine in the logs.

[graylog2] Re: Graylog collector side car

2016-05-19 Thread Michael Taylor
I think collector_sidecar.yml installs with a Linux path for the configuration even in Windows. Fix the path and make sure the user running collector-sidecar has rights to write in the folder. Mine looks like this: server_url: http://:12900 node_id: collector_id: file:C:\Program Files

[graylog2] Re: Graylog collector side car

2016-05-19 Thread Michael Taylor
On Thursday, May 19, 2016 at 9:26:40 AM UTC-4, sangh wrote: > > Hi, > I am trying to install the collector side car. I have an error " ERRO[] > [nxlog] Collector exits immediately, this should not happen! Please check > your collector configuration! > > " the error seems to be with

[graylog2] Re: installing graylog collector sidecar in windows 10 64bit not working nxlog.exe not create in generted folder

2016-05-19 Thread Michael Taylor
Are you thinking of nxlog.conf? nxlog.exe comes from installing nxlog separately. The sidecar creates nxlog.conf and runs the nxlog service using it. On Thursday, May 19, 2016 at 9:20:06 AM UTC-4, rvb n wrote: > > installing graylog collector sidecar in windows 10 64bit not working > nxlog.exe

[graylog2] Re: Graylog 2 - CentOS 7 - Server Currently Unavailable

2016-05-19 Thread Arvind T
Am also facing the same issue. Has anyone figured it out? On Thursday, May 19, 2016 at 2:42:09 AM UTC+5:30, Chris Chalmers

[graylog2] installing graylog collector sidecar in windows 10 64bit not working nxlog.exe not create in generted folder

2016-05-19 Thread rvb n
installing graylog collector sidecar in windows 10 64bit not working nxlog.exe not create in generated folder

[graylog2] Re: Graylog indicies

2016-05-19 Thread kaiser
The same here, the other solutions don't work. On Tuesday, 17 May 2016 02:59:49 UTC+2, Mark Moorcroft wrote: > > > Personally I changed all the references to graylog in the conf files back > to graylog2, and so far no issues with that stuff. All my indices came back > as expected. > > On

[graylog2] Re: Read offset {} before start of log at {}

2016-05-19 Thread Dilip Muthukrishnan
Thanks, Jochen! That worked. Sincerely, Dilip M. On Thursday, May 19, 2016 at 8:19:53 AM UTC-4, Jochen Schalanda wrote: > > Hi Dilip, > > please try deleting the files in the message_journal_dir ( > https://github.com/Graylog2/graylog2-server/blob/2.0.1/misc/graylog.conf#L328-L330) > > and

[graylog2] Re: Beats plugin from Graylog vs. sivasamyk

2016-05-19 Thread Jochen Schalanda
Hi, if the 3rd party plugin is working for you, there's no reason to switch right now. > I understand from Lennart that Graylog 2.0 was meant to provide backwards > compatibility with 1.x plugins -- so that's likely why it works. That's more or less by accident. Graylog 2.0.x is not explicitly

[graylog2] Re: Read offset {} before start of log at {}

2016-05-19 Thread Jochen Schalanda
Hi Dilip, please try deleting the files in the message_journal_dir ( https://github.com/Graylog2/graylog2-server/blob/2.0.1/misc/graylog.conf#L328-L330) and restart Graylog. Cheers, Jochen On Wednesday, 18 May 2016 19:15:53 UTC+2, Dilip Muthukrishnan wrote: > > I should mention that I'm

[graylog2] Re: Plugins with Docker

2016-05-19 Thread Jochen Schalanda
Hi Michael, that's exactly how it's supposed to work. Alternatively you could override the plugin_dir configuration setting with the GRAYLOG_PLUGIN_DIR environment variable and mount the volume in another path. Cheers, Jochen On Wednesday, 18 May 2016 21:56:32 UTC+2, Michael Taylor wrote: >

[graylog2] Re: Sidecar collector is now a plugin?

2016-05-19 Thread Jochen Schalanda
Hi Michael, > Is this how the collector functionality will work going forward? > Yes, the complete collector functionality has been moved into the plugin. > The base installation still has a collector page under System/Collectors, > is that page going to go away or stop working without the

[graylog2] Re: Is there a way to directly generate count chart based on non-numeric values?

2016-05-19 Thread Jochen Schalanda
Hi Nuttanart, charts from non-numeric values (except "Quick Values") are currently not supported in Graylog. Cheers, Jochen On Thursday, 19 May 2016 06:44:58 UTC+2, Nuttanart Pornprasitsakul wrote: > > Hi, > > My messages have Event field which value could be something like >

[graylog2] Re: Graylog2 + EDGE

2016-05-19 Thread Jochen Schalanda
Hi Tomas, this sounds like the issue described in https://groups.google.com/d/msg/graylog2/EhHIX-jcXdM/f7-c3vEPAwAJ and will be fixed in the upcoming Graylog 2.0.2 release. Cheers, Jochen On Wednesday, 18 May 2016 22:10:51 UTC+2, Tomas P wrote: > > Hi, > if i use Edge (Win10) and Graylog2

[graylog2] Re: load balancer

2016-05-19 Thread Jochen Schalanda
Hi, no, load balancers are not required to run multiple Graylog nodes in a cluster. Cheers, Jochen On Wednesday, 18 May 2016 15:18:58 UTC+2, kaiser wrote: > > Hi Jochen > > Is load balancer mandatory to use multiple graylog nodes? > > Regards >

[graylog2] Can you import Exchange 2013 Audit logs into Graylog?

2016-05-19 Thread Rob
Hi, I have my Windows Event logs going to my Graylog servers like a charm - it's great. With Exchange 2013 if you turn on Auditing the logs are stored with the user's mailbox and not in the Event log. You can purchase 3rd party apps like Netwrix to send them to the Event log. Is there a plugin